mistakes – Jupiter Broadcasting

Mind the Apps | User Error 67

Wes Payne — Fri, 07 Jun 2019 17:17:19 +0000

Show Notes: error.show/67

The post Mind the Apps | User Error 67 first appeared on Jupiter Broadcasting.

Boston Bomb Job | Unfilter 46

chris — Wed, 17 Apr 2013 21:07:59 +0000

To view this video please enable JavaScript, and consider upgrading to a web browser that supports HTML5 video

We cover and analyze the Boston Bombings, take a critical look at the media’s horrendous coverage and breakdown a few of the common conspiracies.

Plus: Letters sent to a Mississippi senator and President Obama tested positive for Ricin, adding to state of national panic. But are these letters connected with the Boston Bombings? We’ve got the answers

And: CISPA is just hours from passing, a little bit of good news, your feedback, and much much more!

On this week’s episode of, Unfilter.

Direct Download:

RSS Feeds:

Become an Unfilter Supporter:

Pay With Bitcoin

-- Show Notes --

Another Bird Flu Outbreak

As Bird Flu Spreads In China, The Source Remains A Mystery : Shots – Health News : NPR

Most of the human H7N9 cases have occurred in Shanghai or the surrounding region. But there have been two cases in Beijing, which is nearly 800 miles away from Shanghai.

Most people infected have been hospitalized with severe respiratory problems and 17 have died. But Hartl says there have been a handful of mild cases. \”At least one person wasn\’t hospitalized.\” And, one boy in Beijing tested positive for the virus but showed no symptoms at all.

Thanks for Supporting Unfilter:

This Week’s New Supporters:

Hans-Peter G

Jacob B

Detlef W

Stephen B

Douglas D – Using a PayPal specific email?

Thanks to our 65 Unfilter supporters!
Supporter perk: Downloadable Pre and Post show. Extra clips, music, hijinks, and off the cuff comments. The ultimate Unfiltered experience.

Boston Bombing

A camera shot first moments after deadly explosions in Boston, Massachusetts. At least three people, including an eight-year-old, have been killed and more than a hundred injured after two explosions hit the finish line of the Boston Marathon.

There is conflicting information as to whether someone has been arrested in connection with the Boston Marathon bombings.

A federal law enforcement source told CNN\’s Fran Townsend that someone was arrested. But two senior administration officials and another federal official then told Townsend that there had been a misunderstanding among officials and that no one has been arrested.

Two Justice Department officials also told CNN\’s Joe Johns that there has been no arrest, and that authorities were looking into where the earlier confusion came from.

NBC News Beats The Competition, Is First To Report Correctly That No Arrest Made In Boston Bombing Case

Amid a frenzy of reporting on Wednesday that a suspect had been arrested in the Boston Marathon bombing case, NBC News stood out as the only network reporting that no arrest had been made. In the face of increasing evidence that they were incorrect, NBC News stuck to their guns and insisted that there had been no arrest. Within minutes, it became clear that NBC News was the only network to get the story right — no arrest had been made in the Boston bombing case.

\’Daily News\’ doctored front-page photo from Boston bombing | Capital New York

\”Editing should maintain the integrity of the photographic images\’ content and context,\” according to the ethics code for the National Press Photographers Association, a professional society. \”Do not manipulate images … in any way that can mislead viewers or misrepresent subjects.\”

Boston Marathon Bombing Rumors

Poison Letters

Feds arrest suspect in ricin-positive letters sent to Obama, senator – U.S. News

Federal agents on Wednesday arrested a suspect in the mailing of letters to President Barack Obama and a U.S. senator that initially tested positive for the poison ricin.

The suspect was identified as Paul Kevin Curtis of Tupelo, Miss., federal officials told NBC News. They said he may appear in court as early as Wednesday night.

Initial tests show ricin in letter to Obama

FBI spokesman Paul Bresson said preliminary tests on the letter to Obama showed evidence of ricin, a powerful toxin that is generally considered to be ineffective as a weapon for mass terrorism.

Why Was Bioterror Poison Mailed to this Senator? – YouTube

A letter sent to a Mississippi senator tested positive for the poison ricin, federal authorities revealed Tuesday, adding to security concerns in the Capitol after the Boston Marathon bombing.

What is Ricin? Senator Roger Wicker Gets Poison Letter

Ricin comes from the castor bean plant, and is the most poisonous, naturally occurring substance, according to Cornell University Department of Animal Sciences. The part of the plant that is poisonous to people, animals, and insects, is the bean

US tortured detainees\’ after 9/11 attack

\’Indisputable\’ that US engaged in torture, Washington watchdog says

A two-year study by the Constitution Project determined that there was \”no
justification\” for the so-called \”enhanced interrogation techniques\”
deployed by the George W Bush administration, which it said violated both
international and American law.

\”It is indisputable that the United States engaged in the practice of
torture,\” said the 577-page report by Constitution Project, a high-powered
Washington watchdog.

\’US tortured detainees\’ after 9/11 attack – YouTube

The US military detention centre at Guantanamo Bay is the symbol of everything the country has done wrong since the September 11 attacks, according to a bipartisan group of former officials and academics.

The group, which reviewed US detention and rendition practices, has concluded that US interrogators committed torture while questioning detainees, and there\’s no proof the torture gave authorities any information to prevent future attacks.

Seasoned interrogators have confirmed the report finding that harsh interrogation techniques were ineffective and there was no rationale for their use, whether practical or moral.

CISPA is Coming…

Tell President Obama: Protect My Privacy, Veto CISPA | American Civil Liberties Union

Yesterday, we reached two important milestones in the fight to stop CISPA! Just after surpassing 50,000 petition signatures, a formal statement from the White House announced President Obama\’s intention to veto CISPA if it passes Congress in its current form. But with several amendments to the bill pending that could make him rethink his veto threat (even if they do little to protect our privacy), we need to keep the pressure on.

Government Has Already Fooled Us More Than Once On Privacy; History Belies How CISPA Will Be Used | Techdirt

One of the key things we\’ve seen in the pushback on CISPA is that its backers insist that people arguing against it don\’t really understand how the bill works, and that it does protect privacy. CISPA sponsor Rep. Mike Rogers himself took to Twitter this morning to tell the EFF that it\’s misreading his bill. But, of course, as we\’ve seen, it seems that Rogers himself is the one being misleading when it comes to privacy. If he truly believed in privacy protections, he would have supported a variety of straightforward amendments that made it clear how privacy could be protected. But he didn\’t. Instead, he clearly left it open for abuse.

If you’re a Supporter check your inbox!

Call us: 1.425.312.1756

Follow the Us:

The post Boston Bomb Job | Unfilter 46 first appeared on Jupiter Broadcasting.

A Simple Mistake | TechSNAP 4

chris — Sun, 08 May 2011 22:23:52 +0000

The guys focus on the recent major network compromises, and outages – and what was at the core of their failure. Like Sony’s PSN and SOE attacks, and the recent Amazon EC2 outages. What do these very separate events have in common?

Find out what simple mistakes snowballed into full-on network meltdowns. Plus the EU’s nutty plans to convince websites to prompt every user to sign a EULA for their cookies!

[ad#shownotes]

Show Notes:

Topic: SOE Breached as well, 24 million records stolen

https://www.soe.com/securityupdate/
https://www.joystiq.com/2011/05/02/sony-hit-with-second-attack-loses-12-700-credit-card-nu/
https://consumerist.com/2011/05/security-expert-sony-knew-its-software-was-obsolete-months-before-psn-breach.html

Old database from 2007 compromised, 12,700 credit cards with expiry dates and 10,700 direct debit accounts
- Old data was not destroyed, why?
- Was this data not encrypted, as sony claims the PSN credit card database was?
- most of these cards are likely expired, but some banks use extended expiration dates
- direct debit accounts are likely more at risk, although harder to exploit
Sony says that PSN and SOE are isolated systems, but it seems the attacks are related
Data was stolen as part of the original compromise on April 16-17th (earlier than previously reported), not a separate compromise
If the data is separate, how were both databases compromised?
If the data is not isolated, why were SOE customers not notified weeks ago when the breech was discovered? More attempted cover-up by Sony.
SOE passwords are hashed (no specifics on algorithm or if they were salted)
Data includes: name. address, e-mail, birthdate, gender, phone number, username name, and hashed password
Unconfirmed rumours that the credit card lists have been offered for sales or to Sony
Sony offering customers from Massachusetts free identity theft protection service, as required by state law in the event of such a breech
It later came to light in congressional hearings in the US (which Sony declined to attend) that Sony was using outdated, known vulnerable software, and that this fact had been reported to them by security researches months before these attacks
Sony says that it has added automated monitoring and encryption to its systems in the wake of the recent attacks.

Topic: Wikileaks may have forced the US Government’s Hand

https://www.guardian.co.uk/world/2011/may/03/osama-bin-laden-abbottabad-hideout
https://www.documentcloud.org/documents/87933-interrogation-file-of-abu-faraj-al-libi.html#document/p5/a17091

US knew that someone was hiding in the compound since at least last summer
US was unsure who was in the compound, believed it was UBL but were unsure, and unwilling to risk disclosing the depth of their penetration of the oppositions security
Classic Intelligence Paradox, what use is having the information if you cannot use it, but using it will expose your sources and methods.
The wikileaks release of Guantanamo documents exposed the US’s penetration of UBL’s courier network
US likely decided to move immediately to avoid squandering the opportunity

Topic: Stupid EU law of the week

https://www.bbc.co.uk/news/technology-12668552
https://translate.google.com/translate?sl=sv&tl=en&js=n&prev=_t&hl=en&ie=UTF-8&layout=2&eotf=1&u=http%3A%2F%2Fwww.idg.se%2F2.1085%2F1.382570%2Fexpertpanelen-ny-lag-om-hanteringen-av-cookies

Basically will result in users being met with mini-EULA asking you to opt in to cookies in order to enter every site on the internet
Law has a specific provision to allow cookies to be used to track the contents of your shopping cart
Cookies are an important part of web applications. HTTP is stateless, and cookies are the easiest and most convenient way to maintain state
Controls for cookies are best left to the browser, which decides and enforces policies on cookies
There already exists the ‘same-domain’ policy in all browsers, cookies can only be read by the site that set them
There exists a better alternative already supported by Google and Mozilla, the DNT (Do Not Track) opt-out system asks advertisers to not use or not collect behavioural data. Google’s system works slightly differently but accomplishes the same goal.
This is yet another example of governments passing laws without considering the technical implications of their implementation. Governments seem to purposefully avoid consulting actual experts and instead hire consultants that will agree with their position.

Topic: Image authentication system cracked

https://blog.crackpassword.com/2011/04/nikon-image-authentication-system-compromised/

https://www.nikonusa.com/Nikon-Products/Product/Imaging-Software/25738/Image-Authentication-Software.html#tab-ProductDetail.ProductTabs.Overview

https://www.elcomsoft.com/canon.html

Digital SLR camera technology that signs photos with a private key when they are taken to allow their originality to be verified.
The image and the meta data are both hashed with SHA-1 (this is possibly insufficient, SHA-256 or better should be used for cryptographic security and future proofing)
The two hash values are then encrypted separately using a 1024-bit RSA key (again, insufficient key size, even SSL requires 2048 bit keys now) and stored in the EXIF data
The verification software then validates the signature and compares the hashes
Very similar system with similar flaw found in the Canon Original Data Security system. Neither Canon or Nikon have responded nor indicated they will address the issues
ElcomSoft managed to extract the private key and sign forged images that then passed verification
It seems all Nikon cameras use the SAME key, not separate keys per camera, so once the key is exposed, the entire system is compromised, not just the single camera

Topic: Amazon Post Mortem, some data loss

https://www.businessinsider.com/amazon-lost-data-2011-4
https://aws.amazon.com/message/65648/

Original failure was caused by network operator error
Failure caused some data loss, a small portion but still significant
- Online cloud services such as Chartbeat lost data
Replica system had no rate limiting, so when a large number of EBS volumes failed, the creation of replicas to replace them overloaded the centralized management system (the only shared part of the EBS infrastructure)
All Availability zones ran out of capacity, new replicas of data could not be created
EBS nodes that needed to create replicas as well as EC2 and RDS nodes backed by them became ‘stuck’ waiting for capacity to store replicas. Effected about 13% of all nodes in the availability zone.
Create Volume API calls have a long timeout, caused thread starvation as the requests continued to back up on the shared centralized management system (EBS Control Plane)
The overload of the control plane caused all EBS nodes in US-EAST to experience latency and higher error rates
To combat this, amazon disabled all ‘Create Volume’ API calls to restore service to the unaffected Availability zones
EBS control plane again became overwhelmed with other API calls caused by the degradation of the effected availability zone, all communications between the broken EBS volumes the control plane were disabled to restore service to other customers
Lessons going forward:
- Rate limiting on all API calls
- Limit any one availability zone from dominating the control plane
- Move some operations into separate control planes in each availability zone
- Increase stand-by capacity to better accommodate growth and failure scenarios
- Increase automation in network configuration to prevent human error
- Additional intelligence to prevent and detect ‘re-mirroring storms’
- Increase back off timers more aggressively in a failure scenario
- Focus on re-establishing connections with existing replicas instead of making new ones
- Educate customers about using multiple-AZ (Availability Zone) setups to reduce the impact of partial failures of the cloud
- Improve communications and Service Health Monitoring tools

Download:

The post A Simple Mistake | TechSNAP 4 first appeared on Jupiter Broadcasting.

Science That Scares Us | Jupiter@Nite | 8.9.10

chris — Mon, 09 Aug 2010 21:40:32 +0000

At Jupiter Broadcasting we love technology and science. Let’s be honest, it’s most the reason we even started with all this show stuff. But every now and then, technology and science take an advance that even gives techno-lovers like us serious pause.

In tonight’s show we look at these types of scientific advances, and just what about them has us awake at night!

Show Feeds:

HD Video RSS

Large Video RSS

iPod Video RSS

MP3 RSS

iTunes Feeds

Tonight’s Show Notes & Download Below:

Alan says Lasik is scary

Common side effects
An entire site dedicated to

Chris fears diet soda!

Apparently, aspartame found in many diet beverage will destroy your body.. Crap.
Artificial Sweeteners cause high blood pressure.
In some test, a drink a day causes a 30% chance in women to have pre-term deliveries.

Jeremy fears the Robot Apocalypse

Apple buys patent on “LiquidMetal”closer to reality
Google fights back with airborne drones.
This arms race will consume us all!!! THE END IS NIGH

Large Hadron Collider scares us all!

Seems to have the potential to be the ultimate harbinger of our deaths.
Some say it is being , say whu?
Despite already being the harbinger of our destruction,

Doctors injecting things in us that glow.. FREAKS US OUT!

They glowing things are called “beans”
“Beans" stands for Bioelectrical Mechanical Autonomous Nano Systems.
The researchers think it would be possible to develop devices that manage diabetics' blood sugar without them noticing it.

Happy 8-9-10 day!

Download:

The post Science That Scares Us | Jupiter@Nite | 8.9.10 first appeared on Jupiter Broadcasting.